When deploying a service outside Kubernetes that uses the Kubernetes API as a service account, it's generally required to use a kubeconfig file. Instructions that I've found elsewhere involve copying the user's
~/.kube/config file but that contains potentially many cluster configurations and also provides the credentials of the admin user.
I wrote a small shell script that will generate a new kubeconfig file for a service account on a Kubernetes cluster. It takes the certificate authority from the user's current config, and retrieves the service account's authentication token.
For example, to create a kubeconfig file for a service account user named
spinnaker, in a kubernetes cluster called
$ ./build_kubeconfig.sh "spinnaker" "cluster-1" > kubeconfig Retrieving token for the spinnaker user Retrieving certificate authority for the cluster-1 cluster $ cat kubeconfig apiVersion: v1 kind: Config users: - name: spinnaker user: token: <REDACTED> clusters: - cluster: certificate-authority-data: <REDACTED> server: <REDACTED> name: cluster-1 contexts: - context: cluster: cluster-1 user: spinnaker name: cluster-1 current-context: cluster-1
Download the shell script here.